This bug was fixed in the package chromium-browser -
11.0.696.71~r86024-0ubuntu1
---------------
chromium-browser (11.0.696.71~r86024-0ubuntu1) oneiric; urgency=low
* New Minor upstream release from the Stable Channel (LP: #787846)
This release fixes the following security issues:
+ WebKit issues:
- [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
Silva.
- [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
to Martin Barbella.
- [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
of the Chromium development community.
- other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805
+ GPU/WebGL issue:
- [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
buffer. Credit to Google Chrome Security Team (Cris Neckar).
* Update the svg icon once again, the previous one contained an embedded png
(LP: #748881)
- update debian/chromium-browser.svg
* Don't build with libjpeg-turbo on armel, to prevent a FTBFS
- update debian/rules
-- Fabien Tassin <[email protected]> Thu, 24 May 2011 23:42:08 +0200
** Changed in: chromium-browser (Ubuntu Oneiric)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1801
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1802
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1803
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1804
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1805
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1806
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1807
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/787846
Title:
11.0.696.68 -> 11.0.696.71
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
